Azure AD is the core of your digital business - just like any Identity Management System would be.
January 30, 2020

Azure AD is the core of your digital business - just like any Identity Management System would be.

Matt Varney | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Azure Active Directory

Azure Active Directory is our primary authentication mechanism and also provides the basis for a large portion of our authorization mechanisms throughout our enterprise. Everyone in our organization (roughly 150,000 active people objects) has an Active Directory account that they use to authenticate and also gain access to our physical network, our ERP (PeopleSoft), our LMS (Blackboard), and our primary systems of engagement and content (Office 365).
  • As a directory tool, it provides the ability for distributed management and administration of smaller pieces as needed by the organization.
  • With Azure Active Directory being cloud based, there are frameworks available to integrate authentication to other systems (both cloud and on-prem), such as Azure Application Proxies, etc.
  • While it may satisfy basic directory type functions of Identity Management, it doesn't go deep enough by default for the modern workplace (at least without significant effort and potentially dangerous changes to the scheme).
  • Some of the more useful features are only available at a cost, with the most desirable and useful features costing the most.
  • The ROI is immeasurable, at least with any degree of certainty as to the dollars.
  • However, simply put, we are not equipped (financially or technically) to use any other similar solution for authentication and authorization.
  • Switching out to a different solution would be cost prohibitive on a huge scale.
I am not familiar with any product that does all that Azure Active Directory can do. Other products like OKTA and OneLogin may provide a good solution for Single Sign On (SSO) for users, but may not necessarily provide some of the traditional directory services functions for organizations, such as computer management or groupings.
Microsoft has offered Azure Active Directory as a solution for a couple of decades now, so they have seen and anticipated almost any issue that an organization may face and can therefore help. The cloud offering of Azure Active Directory offers some additional "self healing" or monitoring services that can minimize the need for a service call. However, as with most large companies supporting a fast growing market, there may be some gaps in service knowledge (and particularly processing) from the front line / tier one staff as they follow a corporate script at first contact.

Do you think Microsoft Entra ID delivers good value for the price?

Yes

Are you happy with Microsoft Entra ID's feature set?

Yes

Did Microsoft Entra ID live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Microsoft Entra ID go as expected?

Yes

Would you buy Microsoft Entra ID again?

Yes

If the organization has current or planned investment in Microsoft (i.e. Windows devices for people, is an Office 365 customer, etc), Azure Active Directory is a no brainer and the basic functionality is included in the base plans and licenses. If the organization needs a deeper level of identity management and/or has a high volume of object turn over (account provisioning and deletion), the limit of the basic functionality in Azure Active Directory is quickly realized and additional effort, expense, and technology may be required.

Microsoft Entra ID Feature Ratings

ID-Management Access Control
9
ID Management Single-Sign On (SSO)
9
Multi-Factor Authentication
9
Password Management
9
Account Provisioning and De-provisioning
6
ID Management Workflow Automation
4
ID Risk Management
6